From 6972897c46dac16a52f4844ca9a73f925e2e6af8 Mon Sep 17 00:00:00 2001
From: plasmagoat <david.mikael@proton.me>
Date: Thu, 17 Jul 2025 12:22:38 +0200
Subject: [PATCH 1/2] forgot password

---
 machines/auth/lldap.nix | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/machines/auth/lldap.nix b/machines/auth/lldap.nix
index bea3d14..c37c5dd 100644
--- a/machines/auth/lldap.nix
+++ b/machines/auth/lldap.nix
@@ -15,6 +15,10 @@ in {
     "lldap/admin_password".owner = "lldap";
   };
 
+  sops.templates."lldap_config.toml".content = ''
+    LLDAP_SMTP_OPTIONS__PASSWORD=${config.sops.placeholder."lldap/admin_password"}
+  '';
+
   networking.firewall.allowedTCPPorts = [
     cfg.settings.http_port
     cfg.settings.ldap_port
@@ -25,8 +29,11 @@ in {
   services.lldap = {
     enable = true;
     settings = {
+      verbose = true;
       ldap_base_dn = "dc=procopius,dc=dk";
       ldap_user_email = "admin@procopius.dk";
+      http_url = "https://lldap.procopius.dk";
+      enable_password_reset = true;
 
       database_url = "postgresql://lldap@localhost/lldap?host=/run/postgresql";
     };
@@ -34,7 +41,16 @@ in {
       LLDAP_JWT_SECRET_FILE = config.sops.secrets."lldap/jwt_secret".path;
       LLDAP_KEY_SEED_FILE = config.sops.secrets."lldap/key_seed".path;
       LLDAP_LDAP_USER_PASS_FILE = config.sops.secrets."lldap/admin_password".path;
+
+      LLDAP_SMTP_OPTIONS__ENABLE_PASSWORD_RESET = "true";
+      LLDAP_SMTP_OPTIONS__SERVER = "mail.procopius.dk";
+      LLDAP_SMTP_OPTIONS__PORT = "465";
+      LLDAP_SMTP_OPTIONS__SMTP_ENCRYPTION = "TLS";
+      LLDAP_SMTP_OPTIONS__USER = "admin@procopius.dk";
+      LLDAP_SMTP_OPTIONS__FROM = "LLDAP Admin <admin@procopius.dk>";
+      LLDAP_SMTP_OPTIONS__REPLY_TO = "Do not reply <noreply@procopius.dk>";
     };
+    environmentFile = config.sops.templates."lldap_config.toml".path;
   };
 
   systemd.services.lldap = let

From 5dede30f62cd099b3e70966f91a559c26bee0774 Mon Sep 17 00:00:00 2001
From: Forgejo Bot <forgejo@users.noreply.git>
Date: Fri, 18 Jul 2025 06:01:21 +0000
Subject: [PATCH 2/2] feat: automated changes

---
 flake.lock | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/flake.lock b/flake.lock
index 3d6d35c..36c62c7 100644
--- a/flake.lock
+++ b/flake.lock
@@ -188,11 +188,11 @@
     },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1752624097,
-        "narHash": "sha256-mQCof2VccFzF7cmXy43n3GCwSN2+m8TVhZpGLx9sxVc=",
+        "lastModified": 1752817886,
+        "narHash": "sha256-ixiHcBqWAubQYbXEXeEnqhwEj9Bz7GoLL904bZ+Autc=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "d7c8095791ce3aafe97d9c16c1dc2f4e3d69a3ba",
+        "rev": "3ee71bd9a139787964bc89c67989fda8ccc599e6",
         "type": "github"
       },
       "original": {